CVE-2019-0245
published 2019-01-08CVE-2019-0245: SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs…
medium5.4CVSS 3.0
AVNACLPRLUIRSCCLILAN
SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | s4fnd | — | — |
| sap | sapscore | — | — |
| sap_se | sap_crm_webclient_ui | < 1.12 | 1.12 |
| sap_se | sap_crm_webclient_ui | < 1.02 | 1.02 |
| sap_se | sap_crm_webclient_ui | < 7.31 | 7.31 |
| sap_se | sap_crm_webclient_ui | < 7.46 | 7.46 |
| sap_se | sap_crm_webclient_ui | < 7.47 | 7.47 |
| sap_se | sap_crm_webclient_ui | < 7.48 | 7.48 |
| sap_se | sap_crm_webclient_ui | < 8.0 | 8.0 |
| sap_se | sap_crm_webclient_ui | < 8.01 | 8.01 |